Supply Chain Attack

Definition

An attack that targets dependencies in the supply chain of a service. Attackers will hide vulnerabilities inside of legitimate dependencies which are then used by software making them vulnerable. (Does not have to be related to software to cause a supply chain attack its just the example I used)